azorius.net

Binance Code and Internal Passwords Exposed on GitHub for Months (www.404media.co)
from Elephant0991@lemmy.bleh.au to technology@lemmy.world on 01 Feb 2024 11:18
https://lemmy.bleh.au/post/1311371

Comment

I hope nobody loses their shirt over this.

Summary

Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims “negligible risk”.
Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
Current status: Data removed from GitHub via copyright takedown request.
Unclear if any malicious actors accessed the data.

#technology

threaded - newest

Rooki@lemmy.world on 01 Feb 2024 11:30 next collapse

Wow, just wow…

TWeaK@lemm.ee on 01 Feb 2024 12:02 next collapse

Paywall

Petter1@lemm.ee on 01 Feb 2024 12:12 next collapse

Was the github repo archived?

SinningStromgald@lemmy.world on 01 Feb 2024 12:38 collapse

It was on the open net. I am sure it is somewhere.

notannpc@lemmy.world on 01 Feb 2024 16:25 next collapse

I look forward to the future article “billions stolen from crypto exchange binance”

shortwavesurfer@lemmy.zip on 01 Feb 2024 20:22 collapse

Again, centralized exchanges are like public toilets. Get in, do your business, and get the fuck out. This is a good argument against KYC as well, since if they don’t have data, they can’t leak data.